Intel Server Platform Services SPS SOC-A 04.00.04.300

CPE Details

Intel Server Platform Services SPS SOC-A 04.00.04.300
intel
server_platform_services
sps_soc-a_04.00.04.300
2021-01-25
17h31 +00:00
2021-01-25
17h31 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:intel:server_platform_services:sps_soc-a_04.00.04.300:*:*:*:*:*:*:*

Informations

Vendor

intel

Product

server_platform_services

Version

sps_soc-a_04.00.04.300

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-0051 2021-06-09 17h02 +00:00 Improper input validation in the Intel(R) SPS versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0 may allow a privileged user to potentially enable denial of service via local access.
4.4
Medium
CVE-2020-24509 2021-06-09 16h47 +00:00 Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0 may allow a privileged user to potentially enable escalation of privilege via local access.
6.7
Medium
CVE-2020-8705 2020-11-12 17h06 +00:00 Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access.
6.8
Medium
CVE-2019-0089 2019-05-17 13h41 +00:00 Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access.
6.7
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.